Unblock IP address from connecting via SSH

I manage a small cluster at work and occasionally students get their IP address banned by entering the wrong password when logging into the cluster. I don’t fix the problem often enough to remember how to do it, so I thought I’d jot it down here for future reference.

The blocking of IPs is controlled by Fail2ban, which scans log files for IPs which look malicious (e.g. too many password failures, looking for exploits, etc.) and bans them. It does this by updating firewall rules to reject the specific IP.

What we are interested in is the ‘Chain f2b-sshd’ part at the bottom of the list. Here we can see the (made up) IP address 199.188.177.166 is being banned (“REJECT”). That means that any user trying to SSH into the machine from that IP address will fail. If you have verified that that is the IP address you are expecting and know it is safe to unblock then we can delete the rule using the Chain name (f2b-sshd) and line number (2) using “iptables -D CHAIN LINE_NUMBER” so in this specific case: